AWS Web Application Firewall: An Overview and Step-by-Step Procedure to Set Up WAF

Overview:
AWS Web Application Firewall is a firewall that protects web applications and APIs from common web exploits that can compromise security, affect availability or consume excessive resources.
A WAF allows you to monitor and track requests to your AWS resources. You can also block or allow them through a predetermined set of rules. The result is cleaner server application logs, mitigation of common attacks, less traffic to the server instances and lower cost.

Source: aws.amazon.com
AWS CloudFront supports custom origins to serve content. This means that you can have a WAF protect any server, even if it is not hosted on AWS. The API Gateway can also act as an HTTP proxy, which extends WAF protection to APIs that are not hosted on AWS, because their traffic passes through the gateway.
The WAF is composed of a Web ACL that is assigned to one or more AWS resources. The Web ACL is a collection of rules that determine whether a request should be allowed or denied. These rules can be your own or provided by a third party.
The protected AWS resource forwards each request to the WAF. If the WAF decides, based on the rules applied, that the request should not be allowed, the AWS resource sends a 403 response back to the client. If the request is allowed, it is forwarded onwards. The form of the 403 response depends on the AWS resource type. Some resources, like CloudFront, allow for customization of the default message. An attacker will not be able to see that the WAF blocked the request.
For monitoring, WAF allows you to log requests through Kinesis Firehose into various AWS services, such as Redshift, an S3 bucket and Elasticsearch Service. CloudWatch metrics can be created for any rule or rule group. This allows you to track the number of blocked, allowed and counted requests in your CloudWatch dashboard.
Set Up WAF
Step 1: Verify that the IAM user has proper access to the AWS managed WAF policies
Ask your administrator to grant the AWS managed WAF policies.
Step 2: In the search bar, type WAF & Shield
To open the service, click on WAF & Shield.
Step 3: Create a Web ACL
To create a web ACL:
Select Create web ACL.
In the Name block, enter the name you want to use to identify this web ACL.
In the Description block, type a description of the web ACL.
In the CloudWatch metric name block, enter the name you want. Check the console's guidance for valid characters.
Select CloudFront distributions or regional resources, according to your requirement.
If you choose regional resources, select Add AWS resources under Associated AWS resources. In the dialog box, select the resources you wish to associate and then click Add.
Select Next
Step 4: Create an AWS Managed Rule group
To add an AWS Managed Rules rule group:

On the Add rules and rule groups page, select Add rules and then Add managed rule groups.
On the Add managed rule groups page, expand the listing of AWS managed rule groups. You will also see listings from AWS Marketplace sellers. You can subscribe to those and use them the same way you would use an AWS Managed Rules rule group.
Select the rule group you wish to add. Turn on the Add to web ACL toggle in the Action column.
Select Edit, then turn on the Set all rule actions to count toggle in the rule group's Rules list. This sets the action of every rule in the group to count only, so you can see how all the rules in the group would treat your web requests before you put any of them into effect.
Select Save rule. On the Add managed rule groups page, select Add rules. This takes you back to the Add rules and rule groups page.
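The web ACL that Steps 3 and 4 build in the console can also be written as a WAFv2 CreateWebACL request. The Python below is an added example, not code from the original post; the rule group AWSManagedRulesCommonRuleSet, the Allow default action, the name-validation pattern and the function names are assumptions chosen for illustration.

```python
import re

# Assumption: name and metric-name rules as documented for the WAFv2 API
# (letters, digits, hyphen, underscore; 1-128 characters).
_NAME_RE = re.compile(r"^[A-Za-z0-9_-]{1,128}$")

def build_web_acl_request(name, description, metric_name, scope,
                          rule_group="AWSManagedRulesCommonRuleSet",
                          count_only=True):
    """Return (region, kwargs) for the WAFv2 CreateWebACL call (Steps 3-4)."""
    if scope not in ("CLOUDFRONT", "REGIONAL"):
        raise ValueError("scope must be CLOUDFRONT or REGIONAL")
    rule_metric = f"{metric_name}-{rule_group}"
    for label, value in (("name", name), ("metric_name", metric_name),
                         ("rule metric", rule_metric)):
        if not _NAME_RE.match(value):
            raise ValueError(f"invalid {label}: {value!r}")

    def visibility(metric):
        return {"SampledRequestsEnabled": True,
                "CloudWatchMetricsEnabled": True,
                "MetricName": metric}

    rule = {
        "Name": f"AWS-{rule_group}",
        "Priority": 0,
        "Statement": {"ManagedRuleGroupStatement": {
            "VendorName": "AWS", "Name": rule_group}},
        # Count: matches are only counted, never blocked, so the rule group
        # can be observed against real traffic before it is enforced.
        "OverrideAction": {"Count": {}} if count_only else {"None": {}},
        "VisibilityConfig": visibility(rule_metric),
    }
    kwargs = {
        "Name": name,
        "Description": description,
        "Scope": scope,
        "DefaultAction": {"Allow": {}},  # assumption: not stated on the page
        "Rules": [rule],
        "VisibilityConfig": visibility(metric_name),
    }
    # CloudFront-scoped web ACLs are managed through us-east-1; None means
    # the caller's configured region (where the regional resource lives).
    return ("us-east-1" if scope == "CLOUDFRONT" else None), kwargs

def create_web_acl(region, kwargs):
    import boto3  # imported lazily so the builder runs without AWS access
    return boto3.client("wafv2", region_name=region).create_web_acl(**kwargs)
```

Review the counted requests in CloudWatch before calling the builder with count_only=False, which lets the rule group's own actions take effect. For regional resources, association with the web ACL is a separate WAFv2 AssociateWebACL call.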
Step 5: Complete your Web ACL configuration.
To complete your we
